Wednesday, June 12, 2013

Upcoming revelations speculations

Greenwald/Snowden claim even more explosive revelations are coming. I thought I'd write some guesses of what those revelations might be.

Factoring 1024 bit keys

I don't think the NSA can crack any RSA key through the use of quantum computers. If they could, only 10 people would know, and it wouldn't filter down to people like Snowden. Moreover, Snowden tried to get Greenwald to use PGP -- which he wouldn't have done if the NSA could crack it.

But, the NSA has the ability to brute-force short RSA keys using arrays of custom silicon chips (ASICs or FPGAs).

What we don't know how far they've gotten, what the largest key is that they can crack. I think one of the revelations will be the size of keys the NSA is currently cracking. Since most websites default to 1024 bit keys, that the NSA can routinely crack keys of that size would be an explosive revelation.

Just as important would be revelation about specific cases where it might've used its vast cracking power, such as whether it successfully has decrypted somebody's SSL connections using this technique. If the NSA is routinely cracking RSA in the SSL traffic it eavesdrops on throughout the world, that'd be huge.

Update: A 768-bit RSA key was factored in 2010. They estimate cracking a 1024-bit key would be 1000 times harder, taking 1.5 million desktop computers to accomplish the feat. This is within the NSA's budget. Thus, it factoring these keys wouldn't be surprising -- but proof they regularly do it would cause everyone to update their SSL certificates.

TOR eavesdropping

I assume the NSA operates TOR (The Onion Router) entry/exit nodes purely on the principle that they'd be a fool not to. By default, TOR creates a new circuit every 15 minutes. Thus, a single high-speed exit node will eventually get a sample of everyone who uses TOR.

An interesting revelation would be the extent to which the NSA is monitoring TOR. With enough exit, entry, and internal nodes, the NSA would be able to successfully unmask a person. It would be an enormous investment, though.

My recollections are hazy, but I think most Tor nodes use 1024 bit RSA keys. Thus, the above discussion on RSA factoring can be extended to cover Tor traffic. That ability would be an explosive revelation.

BitCoin mining

Anybody with more than 50% of the computation power of the BitCoin network can destroy it. The NSA has long been a huge customer of custom designed ASICs and FPGAs, and is something they could easily do -- if they wanted to.

A separate issue is anonymity  As everyone knows, BitCoin is pseudonymous. Every transaction is logged in a public legger open to everyone, including the NSA. It's just that these transactions are pure metadata. We don't know the physical person behind the BitCoin addresses. However, the NSA can sync this up with other metadata, such as it's tracking of all financial transactions, phone numbers, and IP addresses. That they'd successfully unmasked major BitCoin targets would be explosive.

Also, there is the rumor that Satoshi Nakamura (the pseudonym of BitCoin's creator) is an NSA employee.

Stuxnet and 0day market

We all believe the NSA created Stuxnet, so any confirmation of this won't surprise us.

But it's unlikely that NSA created it alone. Instead, they probably used contractors and purchased the 0days on the open market. It's like that the sellers of some of those 0days are well known to us in the cybersec community, being people that we personally know.

Likewise, there might be explosive revelations about the extent of the 0day market in general, how many the NSA has been buying, how often they've been used, and who they've targeted.


Decades ago, the NSA was caught bribing a Swiss company to put a backdoor in their crypto products. The rumor that the NSA continues to do so as persisted ever since. For example, when people found the "NSAKEY" in Windows a decade ago, the tin foil hat crowd assumed it was an NSA backdoor (it wasn't).

Modern backdoors are beyond crypto. For example, we might find that anti-virus companies routinely ignore malware at the request of the NSA. Or, conversely, the NSA might have a program for tricking anti-virus companies, such as by creating two copies of software that have the same MD5/SHA1 hash, then successfully getting anti-virus companies to whitelist the good version.

Another example is the iMessage issue. In theory, Apple promises some sort of "end-to-end encryption" such that even they cannot decrypt your messages. In practice, everyone believes there is a backdoor for law enforcement. The exact details of this might be revealed.

In other countries, there is a high degree of mistrust of American products, like Internet routers and telcom equipment. These might be revealed to have backdoors.

Even though most computer hardware and chips are designed in the United States, they usually manufactured in China. There has been constant rumors about the Chinese backdooring hardware during the manufacturing process.

What we might find is that the NSA has been backdooring hardware during the design process.


Microsoft bought Skype for $8 billion dollars. It doesn't seem to make sense. Now that we see Skype and Microsoft prominently mentioned in the PRISM documents, we may find out that this entire thing was a plot by the NSA.

The way it would work is this. In exchange for being the public face owning Skype, the NSA might guarantee $500-million a year of purchases of "software licenses". This could be a win-win for Microsoft, as it could use these fictitious licenses to hide from Wall Street how much their Windows market share is tanking in the mobile market.

Undersea Cables

Why the heck was Edward Snowden working in Hawaii? The assumption that many people have is because that's where undersea cable taps lead.

As everyone knows, the NSA has its own private nuclear powered submarine. Everyone assumes this is for settling on the deep ocean floor to install its taps. What we may find is the true scope of this program.

There's more to it than just cable taps. Through manipulation of BGP routing, it's easy to cause targeted traffic that would normally be wholly within a country to leak out through an undersea cable, and then go back into the country. Revelations of this sort of thing would be pretty explosive.

More monitoring of Americans

As the NSA repeatedly says, they don't monitor Americans themselves -- they just outsource it to the FBI.

There might be more revelations about how the NSA hoovers up various law enforcement data from around the country into "fusions centers" that combine and correlate it.

For example, local police departments are increasingly scanning license plates automatically, recording the GPS location and time when the license plates were seen. This includes cameras on the side of the road, cameras mounted on top of police cars, and or manual action by police officers typing in plates into the computer.

Imagine if all that data was sent to the NSA, to be combined with other metadata, such as the cell location from your phone. I think this would get a lot of people upset.

Booz-Allen itself

The Booz-Allen company itself (as well as other military industrial complex companies) are up to their eyeballs in intelligence stuff. It also has a weird history: it was purchased by the private equity company The Carlyle Group, then a minority stake was spun out as a public company, with the Carlyle Group holding onto some business units for itself. A company doesn't have the same restrictions as the NSA. It may be able to do certain things that the NSA can't.

All this means that we may be getting some interesting revelations about what the company is up to quite appart from the NSA. I'm not sure I'd want to hold stock in this company (though I probably am through a mutual fund or something).

Robert Mueller in drag

I'm sure the NSA has pictures of the director of the FBI in drag.

(I'm making a joke here, refering to how J Edger Hoover was rumored to be a transvestite. Sadly, in this age of tolerance, jokes and gossip about somebody's transvitism no longer works, because nobody cares.)

They finally come for me

These guesses are just the product of my paranoid fantasies, but there's a chance that some might be correct. I might get two FBI agents showing up at my door or be whisked away in the night for questioning.

For the record, I have not yet received an NSL (National Security Letter). Crypto guy Matt Blaze irregularly points this out on twitter as a neat trick. An NSL forbids a person from disclosing that they received the NSL. Thus, while you can't confirm you've received one, you can simply stop posting that you haven't.


Richard Steven Hack said...

That we can even speculate on such revelations is itself unnerving as to how far the government has gone, regardless of whether any of them turn out to be true.

Anonymous said...

The trick is flawed, I think it's illegal to say you have received a NSL but not to lie about not receiving one.

The trick would be "I have received a NSL from * today" everyday, the day you stop, you have received one and you don't want to break the law you would stop it.

I'm not sure about "I have received a NSL from * today, just joking".

Stiennon said...

One more that could be very disruptive to US tech companies: The NSA could be leveraging Microsoft or Adobe update services to install either malware or engineered zero days in target PCs.

martijn said...

Regarding factoring keys, as CloudFlare point out, Google uses a different algorithm which allows them to choose a different key each session. Factoring keys is a pointless attack against them.

I'd be very surprised if the NSA relied on cracking private keys. If they did, their stream of information would depend on companies not suddenly changing private keys. If I believed I was stopping lots of terrorist attacks, as the NSA seems to believe, I wouldn't want to rely on something that could be turned off on the other side.

Up said...

@ Stiennon

By 'target PCs' of course you mean ALL PCs...

Anonymous said...

Error on Bitcoin's creator: it's Satoshi Nakamoto.

I'll add one more revelation: CloudFlare is actually a plot of the NSA to spy on many websites, including when they use SSL.

Anonymous said...

How did you come up with the figure of "1000" times harder for the crypto cracking? Wouldn't it be 2^256 times harder (since 2^1024 is 2^256 x 2^768)? So that would be "1.15e77" times harder. Many many orders of magnitude higher than 1000 (1e3). Am I missing something?